Lucene search
K

50 matches found

CVE
CVE
added 2026/06/04 12:0 a.m.22 views

CVE-2026-36182

GNCC GP5 v7.1.76 uses a weak hashing algorithm to protect the root password, which could allow an attacker to brute-force and obtain root credentials and privileges. The CVE-2026-36182 entry shows a high-severity impact (CVSS v3.1: 9.8, NETWORK attack vector, no user interaction) with total poten...

9.8CVSS5.8AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:0 a.m.18 views

CVE-2026-36174

CVE-2026-36174 affects GNCC GP5 v7.1.76, where sensitive wireless network information is stored in plaintext during routine serial console operations. The issue enables physically proximate attackers to retrieve credentials by monitoring the serial UART interface. The CVSS vector (AV:P/AC:L/PR:N/...

4.6CVSS5.8AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.8 views

CVE-2026-36182

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

5.5AI score0.0019EPSS
Exploits0References3
CVE
CVE
added 2026/06/04 12:0 a.m.19 views

CVE-2026-36176

GNCC GP5 v7.1.76 stores pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext on the serial console. This enables physically proximate attackers to extract active tokens and perform unauthorized operations via the serial UART interface. Root cause: tokens exposed in plaintext to the con...

7.1CVSS5.8AI score0.00093EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.11 views

CVE-2026-36176

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

7.1CVSS5.8AI score0.00093EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.13 views

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

5.8AI score0.00145EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from the use of a weak hash algorithm to protect the root password, which may allow attackers to obtain root credentials through brute-for...

9.8CVSS5.3AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability arises from the fact that the “Reset to Factory Settings” function fails to remove sensitive encrypted data from the JFFS2 configuration...

4.6CVSS5.3AI score0.00145EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from issues with the U-Boot component, which may allow physical proximity attackers to bypass authentication and obtain root access by...

6.8CVSS5.2AI score0.00191EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.12 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from the practice of storing sensitive wireless network information as plain text in the serial console during regular operations, which m...

4.6CVSS5.4AI score0.0014EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.12 views

CVE-2026-36180

A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack...

5.5AI score0.00135EPSS
Exploits0References3
CVE
CVE
added 2026/06/04 12:0 a.m.23 views

CVE-2026-36180

CVE-2026-36180 affects GNCC GP5 v7.1.76. The issue is a lack of runtime integrity that lets physically-proximate attackers bypass read-only protections via a bind-mount attack, enabling modification of system files and binaries for the duration of a boot session. Documents consistently describe t...

4.6CVSS5.8AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.24 views

PT-2026-46247

Name of the Vulnerable Software and Affected Versions GNCC GP5 version 7.1.76 Description A lack of runtime integrity allows physically-proximate attackers to bypass file system read-only protections. This enables the modification of system files and binaries for the duration of a boot session...

4.6CVSS5.4AI score0.00135EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.8 views

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

4.6CVSS6.4AI score0.00256EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.9 views

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

6.8CVSS7AI score0.00399EPSS
Exploits1References1
NVD
NVD
added 2024/08/15 5:15 p.m.39 views

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

6.8CVSS0.00399EPSS
Exploits1References2
NVD
NVD
added 2024/08/15 5:15 p.m.31 views

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

4.6CVSS0.00256EPSS
Exploits1References2
CVE
CVE
added 2024/08/15 12:0 a.m.64 views

CVE-2024-31800

The CVE-2024-31800 entry concerns the GNCC GC2 Indoor Security Camera 1080P. Affected component: the device’s UART Debugging Port enables an authentication bypass, allowing a physically present attacker to obtain a privileged command shell. Documented impact includes high confidentiality, integri...

6.8CVSS6.9AI score0.00399EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/15 12:0 a.m.14 views

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

6.3AI score0.00256EPSS
Exploits1References2
CVE
CVE
added 2024/08/15 12:0 a.m.54 views

CVE-2024-31798

CVE-2024-31798 affects GNCC GC2 Indoor Security Camera 1080P. The vulnerability is caused by an identical hardcoded root password used across all devices, allowing a person with physical access to recover the root password for all similar devices. Impact stated in sources is that an attacker with...

6.8CVSS7AI score0.00363EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder